httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Malo ...@perlig.de>
Subject Re: [Review] mod_dav.xml split (Revision)
Date Wed, 13 Nov 2002 22:13:29 GMT
* Joshua Slive wrote:

> The DavLockDB is written as the httpd User/Group, correct? 

yep. (resp. the process uid/gid, think of perchild)

> Is it safe to
> write it to a publicly writable directory like /tmp? 

hmm. I think no.

> If so, we should
> change the example in the DavLockDB directivesynopsis to recommend that,
> since it now points to logs/DavLock.  If not, we should change the other
> examples to logs/DavLock, and we should document the necessity to
> touch/chown the file before starting apache.

The problem is: "normal" logfiles are usually opened as root, so in fact 
*nobody* needs write access to the logs directory. Actually one should 
create a separate directory for runtime lo[g|ck]s, like DavLock, 
RewriteLog, ScriptLog (?). Or is this too paranoid?

(of course, this doesn't affect the win32 'user concept'...)

nd
-- 
s  s^saaaaaoaaaoaaaaooooaaoaaaomaaaa  a  alataa  aaoat  a  a
a maoaa a laoata  a  oia a o  a m a  o  alaoooat aaool aaoaa
matooololaaatoto  aaa o a  o ms;s;\s;s;g;y;s;:;s;y#mailto: #
 \51/\134\137| http://www.perlig.de #;print;# > nd@perlig.de

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org


Mime
View raw message